Latest Threat Intel

CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. Tracked as CVE-2025-21042, this out-of-bounds write security flaw was discovered in Samsung’s libimagecodec.quram.so library, allowing remote attackers to gain code execution on devices running Android 13 and later. While Samsung patched it

A new phishing automation platform named Quantum Route Redirect is using around 1,000 domains to steal Microsoft 365 users’ credentials. The kit comes pre-configured with phishing domains to allow less skilled threat actors to achieve maximum results with the least effort. Since August, analysts at security awareness company KnowBe4 have noticed Quantum Route Redirect (QRR) attacks in the wild across

North Korean hackers are abusing Google’s Find Hub tool to track the GPS location of their targets and remotely reset Android devices to factory settings. The attacks are primarily targeting South Koreans, and start by approaching the potential victims over KakaoTalk messenger – the most popular instant messaging app in the country. South Korean cybersecurity solutions

Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting. The new protections will initially be available only in Private Browsing Mode and Enhanced Tracking Protection (ETP) Strict mode. After testing and optimization, they will be enabled by default in the Firefox web browser.

Phishing attacks are no longer confined to the email inbox, with 34% of phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacks against company executives, with recent campaigns

Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. The security issues, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 (all ), were reported this week and disclosed by SUSE software engineer and Open Container Initiative (OCI) board

The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. When iPhone customers lose their phone or it is stolen, they can set a custom message in Apple’s Find My app that

The new release expands the solution’s capabilities with five additional interface languages, enhanced Proxmox VE backup and recovery, automated real-time replication, improved MSP Direct Connect, and granular backups for physical machines. NAKIVO, a global leader in backup, ransomware protection and disaster recovery across virtual, physical, cloud, NAS and SaaS environments, has officially introduced NAKIVO Backup

The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university’s development and alumni activities and stole data in a cyberattack.  In a new statement, Penn confirmed BleepingComputer’s reporting that the hackers breached its systems using compromised credentials, stating they were stolen in a social engineering attack. “On October 31, Penn

Under a new partnership with the government aimed at combating fraud, Britain’s largest mobile carriers have committed to upgrading their networks to eliminate scammers’ ability to spoof phone numbers within a year. This agreement is part of the new Telecoms Charter, which brings together law enforcement, government agencies, and Britain’s top mobile networks, including BT